Depending on your implementation, supply one of the following as credentials for the credentials database:

For domain‑based authentication, a domain account with membership in the Administrators group on the monitored application server.

For workgroup authentication, a built-in administrator account on the monitored application server

For workgroup authentication, a local user account with membership in the Administrators group and the User Account Control (UAC) setting "Run all administrators in Admin Approval Mode" disabled on the monitored application server.

Modifying the Windows Firewall

You must allow core networking, WMI, and RPC traffic through the firewall of the monitored server. The following procedure walks you through allowing this traffic through the Windows Firewall on Windows 2008 R2.

Notes:

If you have restricted the range of dynamic RPC ports, you must ensure that each host is able to access that port range.

If you are connecting to Hyper-V hosts through a DMZ or hardware firewall, you must open the corresponding rules and ports on the hardware.

Allow the correct traffic through the Windows firewall

Ensure the core networking rules are enabled

Enable the Windows Management Instrumentation (DCOM-In) rule

Create a new rule to open the RPC ports

Ensure the Core Networking rules are enabled

You must ensure that the core networking rules are enabled to collect information successfully from Hyper-V hosts.

If the rule has a green icon with a checkmark in front of it, the rule is enabled.